Ransomware 'WannaCry' fails to unnerve guarded India

1st incident of Ransomware malware attack in Patna which has hacked several thousands of computers across the globe.

BENGALURU | NEW DELHI: There has been no major impact of the WannaCry attack on the country, government officials said on Monday, even as they remained on high alert to safeguard key infrastructure such as banking.

“Informally, minor instances have been reported, but they are like a drop in the ocean,” said Aruna Sundararajan, secretary, ministry of electronics and IT. Apart from the isolated incident of the Andhra Police where 18 computers were affected, the government has not received any reports of major attacks, according to Sundararajan.

Meanwhile, cybersecurity experts estimate that in the past 24 hours, the virus, reports of which first came in on Friday from Europe, has affected operations in many Indian organisations — from banking to insurance, manufacturing, retail, BPO services, auto companies and small retail shops. “At least 45,000 computer systems in India have been infected,” said one of the people cited above.

Over the weekend, the government had alerted relevant stakeholders across public and private sectors to secure computer systems as prescribed in the advisory issued by Indian Computer Emergency Response Team (CERT-In).

“Only five incidents have been reported and they are a mix of academia and private sector. We are still monitoring the situation,” Sanjay Bahl, director-general of CERT-In, told ET. The government vigil will continue with Bahl cautioning that “it is difficult to say what will happen tomorrow as the hackers may release a different variation”.

Circulars were also issued to all Indian missions overseas, according to sources in the ministry of external affairs.

Sundararajan said on Monday the government conferred with software maker Microsoft and antivirus provider McAfee. “On March 13, CERT-In issued a detailed alert. Organisations across the government have already updated the patch.”

CERT-In broadcast a webinar on securing systems against the virus attack for end users on Monday morning. It had alerted on key organisations, such as National Informatics Centre (which controls all central and state government systems), the RBI, National Payments Corporation of India and Unique Identification Authority of India over the weekend.

Internet service providers were tasked with securing telecom networks while Data Security Council of India and Centre for Development of Advanced Computing circulated advisories to constituencies to protect industry and users in India, primarily in the private sector.

Still, some companies reported being affected. “Like many companies, Nokia has experienced an impact to some of our Windows-based system caused by malware. At this point, we have not seen a significant disruption to company operations.

We have strengthened our network defences and we have implemented internal remediation actions,” said a Nokia spokesperson.

Ankush Johar of phishing protection company HumanFirewall.io pointed out that many small and medium businesses in remote towns have been affected as their cyber security awareness is pretty low.

The breach has impacted individual users too. Take, for instance, the chief information officer of a large Indian company. She was catching up on a Bollywood blockbuster on her laptop on Saturday evening when a message flashed on the screen: “Pay $300 in Bitcoins to decrypt your system”.

An expert with a Big Four consultancy told ET close to 350 computers were down at a large private bank.

Samir Shah, CEO of tech company Aurionpro, says such attacks are just the beginning. “Whether there are more to follow immediately or not, the trend is certainly showing significant increase.”